<?php

namespace App\Http\Middleware;

use Closure;

class ChengAdminLogin
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        //传递参数  $param
        //用户是否登录检查
        if(!auth()->check()){
            return  redirect(route('admin.login'))->withErrors(['error'=>'请登录!']);
        }
        //权限判断
        $authRoute = session('admin.auth');
        if(is_array($authRoute)){
            //路由权限控制 获取设置的权限
            $authRoute =array_filter($authRoute);
            //获取当前路由别名
            $getRoute= $request->route()->getName();
            $Routes = array_merge($authRoute,config('rbac.allow_route'));
            //用户访问路由 是否有权限
            if(!in_array($getRoute,$Routes)){
                exit("没有权限访问！");
            }
        }
        $request->auths = $authRoute;
        return $next($request);
    }
}
